Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer
File: 4NGoNmwhFZ8HlHipAwhD-_YGMbk.cer (raw, json)
Hash identifier: KPhGbYGPbHiLmNBlyN9J4vV2bzCRAFvTD72gb1VSFPQ=
Subject key identifier: E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942144501DE885385EAD461CF6734BF3D6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:32 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.76.30.0/23
IP: 194.127.134.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:50:1d:e8:85:38:5e:ad:46:1c:f6:73:4b:f3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0d1a8366c21159f079478a9030843fbf60631b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:2e:eb:3c:19:eb:2c:33:9f:88:10:e2:d8:
a0:b6:b7:e9:29:8a:72:ff:df:66:1e:6c:76:79:fd:
e5:80:91:0a:56:a4:1e:64:2a:af:64:08:eb:9a:10:
f5:93:28:aa:0b:8d:59:fe:34:fe:af:67:f1:9e:a0:
d8:00:b2:ee:b6:89:0c:4b:f9:90:da:aa:24:6d:1f:
be:81:5d:26:a8:72:14:47:5a:d4:47:6a:ab:76:8e:
2a:e4:14:8b:b1:7e:7b:e6:87:e1:20:36:93:ab:9c:
7f:79:d4:a5:54:a3:20:3c:c9:9c:5c:a6:98:03:53:
96:20:4f:5a:cf:06:2e:fe:d6:2b:3c:f7:9d:d2:3d:
25:cf:bb:f1:13:c1:53:32:2f:92:30:a6:f2:8b:5b:
78:eb:6a:4d:b4:30:20:39:b0:a0:d8:e4:dd:05:59:
4b:7f:26:c0:a3:bc:77:b7:76:b5:d7:4a:7f:3f:9d:
85:94:7e:d6:1e:c2:a2:02:dd:82:64:bb:dc:f3:25:
be:be:70:f4:64:11:86:c5:fe:2b:29:c5:97:54:4f:
56:56:ce:00:b7:d8:e4:52:9e:6b:8a:77:9b:2c:00:
4d:b9:66:c7:73:0d:26:64:38:15:7c:19:bb:a5:31:
b8:76:b4:0c:b2:e3:75:8f:95:09:2f:41:00:a7:43:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D1:A8:36:6C:21:15:9F:07:94:78:A9:03:08:43:FB:F6:06:31:B9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2de324-86c7-43d6-9df2-f8ae0dbc5df2/1/4NGoNmwhFZ8HlHipAwhD-_YGMbk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.30.0/23
194.127.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:06:06:f9:36:3f:f5:24:4b:76:9e:ae:c8:4d:09:a7:34:85:
9e:e4:b1:57:a5:95:d1:07:ed:20:46:7a:8f:e5:d8:db:bf:e5:
a7:35:60:9a:ff:7f:c1:15:02:5c:35:e9:ef:3d:b5:7b:3d:f7:
cd:81:98:56:c4:74:55:48:ea:e7:f9:59:64:59:50:fc:d5:30:
71:3d:a8:f9:7f:80:f3:66:8e:dd:51:fe:a4:9e:af:c0:f3:f9:
be:ed:77:74:b8:f4:9e:ab:ae:de:23:a7:41:2c:b0:ff:94:d3:
ed:56:22:b6:76:cb:ad:c5:d9:75:51:a7:b0:c9:8a:4d:47:f4:
8d:33:bf:a5:dd:e1:6a:ac:de:5b:d8:0b:fd:47:17:d9:63:0c:
b4:9a:a6:a0:06:21:dd:88:d5:e3:bc:1f:ab:f1:b1:e1:a8:30:
0c:1a:f3:cc:90:05:3e:df:26:bd:f2:59:4c:e3:4c:68:7d:5f:
51:4a:7b:0d:56:22:94:21:c6:8f:3a:f3:dd:1e:bf:86:db:2b:
06:c8:22:20:7c:4a:10:0c:6f:11:6e:e6:be:ca:1c:7b:80:b5:
17:f9:07:cf:e0:06:26:57:11:18:f6:4f:22:a5:83:d1:4c:c9:
53:53:38:68:ee:27:b1:37:5e:d6:cc:a1:cc:82:5c:8b:c3:e5:
72:99:bf:21
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQhRFAd6IU4Xq1GHPZzS/PWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQxYTgzNjZjMjExNTlmMDc5NDc4YTkwMzA4NDNmYmY2MDYzMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcsu6zwZ6ywzn4gQ4tigtrfpKYpy
/99mHmx2ef3lgJEKVqQeZCqvZAjrmhD1kyiqC41Z/jT+r2fxnqDYALLutokMS/mQ
2qokbR++gV0mqHIUR1rUR2qrdo4q5BSLsX575ofhIDaTq5x/edSlVKMgPMmcXKaY
A1OWIE9azwYu/tYrPPed0j0lz7vxE8FTMi+SMKbyi1t462pNtDAgObCg2OTdBVlL
fybAo7x3t3a110p/P52FlH7WHsKiAt2CZLvc8yW+vnD0ZBGGxf4rKcWXVE9WVs4A
t9jkUp5rinebLABNuWbHcw0mZDgVfBm7pTG4drQMsuN1j5UJL0EAp0NATQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFODRqDZsIRWfB5R4qQMIQ/v2BjG5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5LzJkZTMy
NC04NmM3LTQzZDYtOWRmMi1mOGFlMGRiYzVkZjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvMmRlMzI0
LTg2YzctNDNkNi05ZGYyLWY4YWUwZGJjNWRmMi8xLzROR29ObXdoRlo4SGxIaXBB
d2hELV9ZR01iay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQBwkweAwQAwn+GMA0GCSqGSIb3DQEBCwUAA4IB
AQCnBgb5Nj/1JEt2nq7ITQmnNIWe5LFXpZXRB+0gRnqP5djbv+WnNWCa/3/BFQJc
NenvPbV7PffNgZhWxHRVSOrn+VlkWVD81TBxPaj5f4DzZo7dUf6knq/A8/m+7Xd0
uPSeq67eI6dBLLD/lNPtViK2dsutxdl1UaewyYpNR/SNM7+l3eFqrN5b2Av9RxfZ
Ywy0mqagBiHdiNXjvB+r8bHhqDAMGvPMkAU+3ya98llM40xofV9RSnsNViKUIcaP
OvPdHr+G2ysGyCIgfEoQDG8Rbua+yhx7gLUX+QfP4AYmVxEY9k8ipYPRTMlTUzho
7iexN17WzKHMglyLw+Vymb8h
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:58:25 2025 by rpki-client